Update wp_vulns.xml

2013-12-11 07:50:04 +01:00
parent 301b44dcae
commit 32e590f398
1 changed files with 10 additions and 4 deletions
--- a/data/wp_vulns.xml
+++ b/data/wp_vulns.xml
@@ -94,7 +94,7 @@
      <fixed_in>3.5.2</fixed_in>
    </vulnerability>
    <vulnerability>
-      <title>WordPress 3.4 - 3.5.1 DoS in class-phpass.php</title>
+      <title>WordPress 3.4-3.5.1 DoS in class-phpass.php</title>
      <references>
        <url>http://seclists.org/fulldisclosure/2013/Jun/65</url>
        <secunia>53676</secunia>
@@ -112,6 +112,7 @@
        <osvdb>94790</osvdb>
      </references>
      <type>XSS</type>
+      <fixed_in>3.5.2</fixed_in>
    </vulnerability>
    <vulnerability>
      <title>WordPress TinyMCE Plugin Flash Applet Unspecified Spoofing Weakness</title>
@@ -119,6 +120,7 @@
        <osvdb>94787</osvdb>
      </references>
      <type>UNKNOWN</type>
+      <fixed_in>3.5.2</fixed_in>
    </vulnerability>
    <vulnerability>
      <title>WordPress File Upload Unspecified Path Disclosure</title>
@@ -126,27 +128,31 @@
        <osvdb>94788</osvdb>
      </references>
      <type>UNKNOWN</type>
+      <fixed_in>3.5.2</fixed_in>
    </vulnerability>
    <vulnerability>
-      <title>WordPress oEmbed Unspecified XML External Entity (XXE) Arbitrary File Disclosure</title>
+      <title>WordPress 3.5-3.5.1 oEmbed Unspecified XML External Entity (XXE) Arbitrary File Disclosure</title>
      <references>
        <osvdb>94789</osvdb>
      </references>
      <type>XXE</type>
+      <fixed_in>3.5.2</fixed_in>
    </vulnerability>
    <vulnerability>
-      <title>WordPress Multiple Role Remote Privilege Escalation</title>
+      <title>WordPress 3.5-3.5.1 Multiple Role Remote Privilege Escalation</title>
      <references>
        <osvdb>94783</osvdb>
      </references>
      <type>UNKNOWN</type>
+      <fixed_in>3.5.2</fixed_in>
    </vulnerability>
    <vulnerability>
-      <title>WordPress HTTP API Unspecified Server Side Request Forgery (SSRF)</title>
+      <title>WordPress 3.5-3.5.1 HTTP API Unspecified Server Side Request Forgery (SSRF)</title>
      <references>
        <osvdb>94784</osvdb>
      </references>
      <type>SSRF</type>
+      <fixed_in>3.5.2</fixed_in>
    </vulnerability>
  </wordpress>